It was exactly 20 months since a similar attack and McAfee thinks the perpetrators are the same. They suspect this attack was:

an armed cyber reconnaissance operation of sorts, perhaps conducted by the North Korean military as the South Korean National Intelligence Agency has asserted, to test the defenses and more importantly the reaction time of the Korean government and civilian networks to a well-organized and highly obfuscated attack.

A detailed paper by McAfee on the incident, entitled "Ten Days of Rain", goes in-depth on the attack, including the sites attacked, C&C servers, cryptography used by the attackers, and errors they made and further analysis.